Another actively exploited zero-day vulnerability (CVE-2023-35081) affecting Ivanti Endpoint Manager Mobile (EPMM) has been identified and fixed. The first zero-day spotted Last week, we reported on a remote unauthenticated API access vulnerability (CVE-2023-35078) affecting Ivanti EPMM having been exploited to target Norwegian ministries. The company stated that the vulnerability has impacted a limited number of customers and has released a patch, but did not share any other details or indicators of compromise with the public. … More

The post Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081) appeared first on Help Net Security.